Security Top Ten

Information Security Top 'Must Knows'

the City of Bothell Is Required to Maintain Technology Resources and Data in a Manner That Meets Security Requirements as Mandated by of a Number of Governing Agencies

The majority of the requirements affect the Information Services division, which is required to implement procedures to meet all governing requirements.

The restrictions affecting you as a user are based on these requirements.

Sharing Passwords or Logging Another Person as Yourself Is Prohibited and May Result in Disciplinary Action

Sharing passwords with another employee, friend, family member, etc is never ok. Sharing your password with an authorized City of Bothell Information Services staff person for specific account troubleshooting is permitted.

Logging another person into a computer or system using your credentials is never ok.

Access to any City data resource must be authorized by Information Services and in accordance with City policies.If you know of an individual who needs computer access, contact Information Services or Human Resources for information.

All users must have their own unique username and password. Generic or shared accounts are prohibited.

Sharing or Lending Your Key Card to Any Person Is Prohibited and May Result in Disciplinary Action

Do not lend out your keys or key card.

Do not let a person in the building or secured area without an escort unless you personally know who they are and are sure that they are authorized to be in that area.

Do not leave unauthorized persons in ‘non-public’ areas unattended. All visitors are required to be escorted at all times while outside public areas.

General Password Requirements

Using passwords for City systems that you also use for personal accounts or systems is prohibited.

Writing your password down and storing it in your work area is prohibited.

Storing your City login information on a personal phone or personal computer is prohibited.

All technology purchases must be processed and approved by Information Services

Purchases of all software, hardware, mobile devices, thumb drives, etc must be coordinated through and approved by Information Services. Refer to Administrative Order 2.4.2, Technology purchasing for more information.

Use of Non-authorized Thumb Drives Is Prohibited

All thumb drives require a specific form of encryption (as mandated by governing agencies) and must be purchased through I.S.

Unsecured thumb drives provided by vendors, at conferences, trainings, etc are NOT permitted to be connected to any city computer.

If the City Doesn’t Own It, It Cannot Be Connected to the Network or to a City Computer

Equipment owned by Vendors, presenters, employees, volunteers, or any other entity other than the City of Bothell are prohibited from connecting to the City network.

Personal devices such as thumb drives, cameras, mobile phones, etc are not permitted to be connected to City computers.

Handle Sensitive Data With Care

Never fax or email sensitive data.

Do not store sensitive data any longer than required under the City of Bothell's document retention policy or applicable laws require. When no longer needed, destroy it.

Keep it locked up at all times.

Only authorized staff who have been appropriately vetted by the City and trained is permitted to handle cash, credit cards, or any other sensitive data. Contact Human Resources or Information Services for more information.

Don't Install Software On Your Computer

All software purchases and installations must be coordinated through and approved by Information Services per Administrative Order 2.4.2. This includes shareware or freeware.

Do Not Leave Visitors or Vendors Unattended in Non-public Access Areas

It is strictly prohibited to let visitors or guests use City computers.

All visitors must sign in and sign out.

All visitors must be escorted when not in public access areas.

No unauthorized persons may be left unattended near any City computers or file storage. This includes any person, including vendors, who are not properly vetted through HR and IS